diff --git a/MediaBrowser.Api/PinLoginService.cs b/MediaBrowser.Api/PinLoginService.cs
index 8b63de10a5..a4957651fb 100644
--- a/MediaBrowser.Api/PinLoginService.cs
+++ b/MediaBrowser.Api/PinLoginService.cs
@@ -1,9 +1,14 @@
 using System;
 using System.Collections.Concurrent;
 using System.Globalization;
+using System.Threading.Tasks;
 using MediaBrowser.Common.Extensions;
+using MediaBrowser.Controller.Library;
 using MediaBrowser.Controller.Net;
+using MediaBrowser.Controller.Session;
 using MediaBrowser.Model.Connect;
+using MediaBrowser.Model.Dto;
+using MediaBrowser.Model.Session;
 using ServiceStack;
 
 namespace MediaBrowser.Api
@@ -13,6 +18,8 @@ namespace MediaBrowser.Api
     {
         [ApiMember(Name = "DeviceId", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
         public string DeviceId { get; set; }
+        [ApiMember(Name = "AppName", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
+        public string AppName { get; set; }
     }
 
     [Route("/Auth/Pin", "GET", Summary = "Gets pin status")]
@@ -35,7 +42,7 @@ namespace MediaBrowser.Api
 
     [Route("/Auth/Pin/Validate", "POST", Summary = "Validates a pin")]
     [Authenticated]
-    public class ValidatePinRequest : IReturnVoid
+    public class ValidatePinRequest : IReturn<SessionInfoDto>
     {
         [ApiMember(Name = "Pin", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
         public string Pin { get; set; }
@@ -43,10 +50,27 @@ namespace MediaBrowser.Api
 
     public class PinLoginService : BaseApiService
     {
-        private readonly ConcurrentDictionary<string, MyPinStatus> _activeRequests = new ConcurrentDictionary<string, MyPinStatus>(StringComparer.OrdinalIgnoreCase);
+        private static readonly ConcurrentDictionary<string, MyPinStatus> _activeRequests = new ConcurrentDictionary<string, MyPinStatus>(StringComparer.OrdinalIgnoreCase);
+        private readonly ISessionManager _sessionManager;
+        private readonly IUserManager _userManager;
+
+        public PinLoginService(ISessionManager sessionManager, IUserManager userManager)
+        {
+            _sessionManager = sessionManager;
+            _userManager = userManager;
+        }
 
         public object Post(CreatePinRequest request)
         {
+            if (string.IsNullOrWhiteSpace(request.DeviceId))
+            {
+                throw new ArgumentNullException("DeviceId");
+            }
+            if (string.IsNullOrWhiteSpace(request.AppName))
+            {
+                throw new ArgumentNullException("AppName");
+            }
+
             var pin = GetNewPin();
 
             var value = new MyPinStatus
@@ -55,7 +79,8 @@ namespace MediaBrowser.Api
                 IsConfirmed = false,
                 IsExpired = false,
                 Pin = pin,
-                DeviceId = request.DeviceId
+                DeviceId = request.DeviceId,
+                AppName = request.AppName
             };
 
             _activeRequests.AddOrUpdate(pin, value, (k, v) => value);
@@ -75,6 +100,7 @@ namespace MediaBrowser.Api
 
             if (!_activeRequests.TryGetValue(request.Pin, out status))
             {
+                Logger.Debug("Pin {0} not found.", request.Pin);
                 throw new ResourceNotFoundException();
             }
 
@@ -88,12 +114,13 @@ namespace MediaBrowser.Api
             });
         }
 
-        public object Post(ExchangePinRequest request)
+        public async Task<object> Post(ExchangePinRequest request)
         {
             MyPinStatus status;
 
             if (!_activeRequests.TryGetValue(request.Pin, out status))
             {
+                Logger.Debug("Pin {0} not found.", request.Pin);
                 throw new ResourceNotFoundException();
             }
 
@@ -104,14 +131,24 @@ namespace MediaBrowser.Api
                 throw new ResourceNotFoundException();
             }
 
-            return ToOptimizedResult(new PinExchangeResult
+            var auth = AuthorizationContext.GetAuthorizationInfo(Request);
+            var user = _userManager.GetUserById(status.UserId);
+
+            var result = await _sessionManager.CreateNewSession(new AuthenticationRequest
             {
-                // TODO: Add access token
-                UserId = status.UserId
-            });
+                App = auth.Client,
+                AppVersion = auth.Version,
+                DeviceId = auth.DeviceId,
+                DeviceName = auth.Device,
+                RemoteEndPoint = Request.RemoteIp,
+                Username = user.Name
+
+            }).ConfigureAwait(false);
+
+            return ToOptimizedResult(result);
         }
 
-        public void Post(ValidatePinRequest request)
+        public object Post(ValidatePinRequest request)
         {
             MyPinStatus status;
 
@@ -124,12 +161,18 @@ namespace MediaBrowser.Api
 
             status.IsConfirmed = true;
             status.UserId = AuthorizationContext.GetAuthorizationInfo(Request).UserId;
+
+            return ToOptimizedResult(new ValidatePinResult
+            {
+                AppName = status.AppName
+            });
         }
 
         private void EnsureValid(string requestedDeviceId, MyPinStatus status)
         {
             if (!string.Equals(requestedDeviceId, status.DeviceId, StringComparison.OrdinalIgnoreCase))
             {
+                Logger.Debug("Pin device Id's do not match. requestedDeviceId: {0}, status.DeviceId: {1}", requestedDeviceId, status.DeviceId);
                 throw new ResourceNotFoundException();
             }
 
@@ -145,6 +188,7 @@ namespace MediaBrowser.Api
 
             if (status.IsExpired)
             {
+                Logger.Debug("Pin {0} is expired", status.Pin);
                 throw new ResourceNotFoundException();
             }
         }
@@ -163,16 +207,7 @@ namespace MediaBrowser.Api
 
         private string GetNewPinInternal()
         {
-            var length = 5;
-            var pin = string.Empty;
-
-            while (pin.Length < length)
-            {
-                var digit = new Random().Next(0, 9);
-                pin += digit.ToString(CultureInfo.InvariantCulture);
-            }
-
-            return pin;
+            return new Random().Next(10000, 99999).ToString(CultureInfo.InvariantCulture);
         }
 
         private bool IsPinActive(string pin)
@@ -181,15 +216,15 @@ namespace MediaBrowser.Api
 
             if (!_activeRequests.TryGetValue(pin, out status))
             {
-                return true;
+                return false;
             }
 
             if (status.IsExpired)
             {
-                return true;
+                return false;
             }
 
-            return false;
+            return true;
         }
 
         public class MyPinStatus : PinStatusResult
@@ -197,6 +232,12 @@ namespace MediaBrowser.Api
             public DateTime CreationTimeUtc { get; set; }
             public string DeviceId { get; set; }
             public string UserId { get; set; }
+            public string AppName { get; set; }
         }
     }
+
+    public class ValidatePinResult
+    {
+        public string AppName { get; set; }
+    }
 }
diff --git a/MediaBrowser.Api/UserService.cs b/MediaBrowser.Api/UserService.cs
index 3996a03114..a35a1c3a23 100644
--- a/MediaBrowser.Api/UserService.cs
+++ b/MediaBrowser.Api/UserService.cs
@@ -415,23 +415,6 @@ namespace MediaBrowser.Api
         {
             var auth = AuthorizationContext.GetAuthorizationInfo(Request);
 
-            if (string.IsNullOrWhiteSpace(auth.Client))
-            {
-                auth.Client = "Unknown app";
-            }
-            if (string.IsNullOrWhiteSpace(auth.Device))
-            {
-                auth.Device = "Unknown device";
-            }
-            if (string.IsNullOrWhiteSpace(auth.Version))
-            {
-                auth.Version = "Unknown version";
-            }
-            if (string.IsNullOrWhiteSpace(auth.DeviceId))
-            {
-                auth.DeviceId = "Unknown device id";
-            }
-
             var result = await _sessionMananger.AuthenticateNewSession(new AuthenticationRequest
             {
                 App = auth.Client,
diff --git a/MediaBrowser.Controller/Session/ISessionManager.cs b/MediaBrowser.Controller/Session/ISessionManager.cs
index dc9612c844..fa74c57499 100644
--- a/MediaBrowser.Controller/Session/ISessionManager.cs
+++ b/MediaBrowser.Controller/Session/ISessionManager.cs
@@ -250,6 +250,13 @@ namespace MediaBrowser.Controller.Session
         /// <returns>Task{SessionInfo}.</returns>
         Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request);
 
+        /// <summary>
+        /// Creates the new session.
+        /// </summary>
+        /// <param name="request">The request.</param>
+        /// <returns>Task&lt;AuthenticationResult&gt;.</returns>
+        Task<AuthenticationResult> CreateNewSession(AuthenticationRequest request);
+
         /// <summary>
         /// Reports the capabilities.
         /// </summary>
diff --git a/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs b/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
index e69ff367a4..c284007f7c 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
@@ -348,6 +348,12 @@ namespace MediaBrowser.Server.Implementations.HttpServer
                 return Task.FromResult(true);
             }
 
+            if (string.Equals(localPath, "/emby/pin", StringComparison.OrdinalIgnoreCase))
+            {
+                httpRes.RedirectToUrl("web/pin.html");
+                return Task.FromResult(true);
+            }
+            
             if (!string.IsNullOrWhiteSpace(GlobalResponse))
             {
                 httpRes.StatusCode = 503;
diff --git a/MediaBrowser.Server.Implementations/LiveTv/EmbyTV/EncodedRecorder.cs b/MediaBrowser.Server.Implementations/LiveTv/EmbyTV/EncodedRecorder.cs
index 38f35f4cc6..ac5cda95ea 100644
--- a/MediaBrowser.Server.Implementations/LiveTv/EmbyTV/EncodedRecorder.cs
+++ b/MediaBrowser.Server.Implementations/LiveTv/EmbyTV/EncodedRecorder.cs
@@ -143,7 +143,7 @@ namespace MediaBrowser.Server.Implementations.LiveTv.EmbyTV
             {
                 audioChannels = audioStream.Channels ?? audioChannels;
             }
-            return "-codec:a:0 aac -strict experimental -ab 320000 -ac " + audioChannels.ToString(CultureInfo.InvariantCulture);
+            return "-codec:a:0 aac -strict experimental -ab 320000";
         }
 
         private bool EncodeVideo(MediaSourceInfo mediaSource)
diff --git a/MediaBrowser.Server.Implementations/Session/SessionManager.cs b/MediaBrowser.Server.Implementations/Session/SessionManager.cs
index 7e2f41ef9a..70f60f31a8 100644
--- a/MediaBrowser.Server.Implementations/Session/SessionManager.cs
+++ b/MediaBrowser.Server.Implementations/Session/SessionManager.cs
@@ -1278,7 +1278,17 @@ namespace MediaBrowser.Server.Implementations.Session
         /// </summary>
         /// <param name="request">The request.</param>
         /// <returns>Task{SessionInfo}.</returns>
-        public async Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request)
+        public Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request)
+        {
+            return AuthenticateNewSessionInternal(request, true);
+        }
+
+        public Task<AuthenticationResult> CreateNewSession(AuthenticationRequest request)
+        {
+            return AuthenticateNewSessionInternal(request, false);
+        }
+
+        private async Task<AuthenticationResult> AuthenticateNewSessionInternal(AuthenticationRequest request, bool enforcePassword)
         {
             var user = _userManager.Users
                 .FirstOrDefault(i => string.Equals(request.Username, i.Name, StringComparison.OrdinalIgnoreCase));
@@ -1291,13 +1301,16 @@ namespace MediaBrowser.Server.Implementations.Session
                 }
             }
 
-            var result = await _userManager.AuthenticateUser(request.Username, request.PasswordSha1, request.PasswordMd5, request.RemoteEndPoint).ConfigureAwait(false);
-
-            if (!result)
+            if (enforcePassword)
             {
-                EventHelper.FireEventIfNotNull(AuthenticationFailed, this, new GenericEventArgs<AuthenticationRequest>(request), _logger);
+                var result = await _userManager.AuthenticateUser(request.Username, request.PasswordSha1, request.PasswordMd5, request.RemoteEndPoint).ConfigureAwait(false);
 
-                throw new SecurityException("Invalid user or password entered.");
+                if (!result)
+                {
+                    EventHelper.FireEventIfNotNull(AuthenticationFailed, this, new GenericEventArgs<AuthenticationRequest>(request), _logger);
+
+                    throw new SecurityException("Invalid user or password entered.");
+                }
             }
 
             var token = await GetAuthorizationToken(user.Id.ToString("N"), request.DeviceId, request.App, request.AppVersion, request.DeviceName).ConfigureAwait(false);
@@ -1320,7 +1333,8 @@ namespace MediaBrowser.Server.Implementations.Session
                 ServerId = _appHost.SystemId
             };
         }
-
+        
+        
         private async Task<string> GetAuthorizationToken(string userId, string deviceId, string app, string appVersion, string deviceName)
         {
             var existing = _authRepo.Get(new AuthenticationInfoQuery
diff --git a/MediaBrowser.WebDashboard/MediaBrowser.WebDashboard.csproj b/MediaBrowser.WebDashboard/MediaBrowser.WebDashboard.csproj
index d4d8be7f1a..832944aade 100644
--- a/MediaBrowser.WebDashboard/MediaBrowser.WebDashboard.csproj
+++ b/MediaBrowser.WebDashboard/MediaBrowser.WebDashboard.csproj
@@ -275,6 +275,9 @@
     <Content Include="dashboard-ui\mysyncsettings.html">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </Content>
+    <Content Include="dashboard-ui\pin.html">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
     <Content Include="dashboard-ui\robots.txt">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </Content>
@@ -317,6 +320,9 @@
     <Content Include="dashboard-ui\scripts\autoorganizesmart.js">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </Content>
+    <Content Include="dashboard-ui\scripts\pin.js">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
     <Content Include="dashboard-ui\scripts\searchmenu.js">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </Content>